def users_create(request):
user_id = request.user_uniq
req = api.utils.get_json_body(request)
logger.info('users_create: %s request: %s', user_id, req)
user_data = req.get('user', {})
email = user_data.get('username', None)
first_name = user_data.get('first_name', None)
last_name = user_data.get('last_name', None)
affiliation = user_data.get('affiliation', None)
password = user_data.get('password', None)
metadata = user_data.get('metadata', {})
password_gen = AstakosUser.objects.make_random_password
if not password:
password = password_gen()
try:
validate_email(email)
except ValidationError:
raise faults.BadRequest("Invalid username (email format required)")
if AstakosUser.objects.verified_user_exists(email):
raise faults.Conflict("User '%s' already exists" % email)
if not first_name:
raise faults.BadRequest("Invalid first_name")
if not last_name:
raise faults.BadRequest("Invalid last_name")
has_signed_terms = True
try:
user = make_local_user(email, first_name=first_name,
last_name=last_name, password=password,
has_signed_terms=has_signed_terms)
if metadata:
# we expect a unique local auth provider for the user
provider = user.auth_providers.get()
provider.info = metadata
provider.affiliation = affiliation
provider.save()
user = AstakosUser.objects.get(pk=user.pk)
code = user.verification_code
ver_res = user_logic.verify(user, code)
if ver_res.is_error():
raise Exception(ver_res.message)
# in case of auto moderation user moderation is handled within the
# verification process, no need to reapply moderation process
if not user.moderated:
mod_res = user_logic.accept(user, accept=True, notify_user=False)
if mod_res.is_error():
raise Exception(ver_res.message)
except Exception, e:
raise faults.BadRequest(e.message)
def apply_actions(self, user, options):
if options.get('admin'):
user.is_superuser = True
elif options.get('noadmin'):
user.is_superuser = False
if options.get('reject'):
reject_reason = options.get('reject_reason', None)
res = user_action.reject(user, reject_reason)
if res.is_error():
self.stderr.write("Failed to reject: %s\n" % res.message)
else:
self.stderr.write("Account rejected\n")
if options.get('verify'):
res = user_action.verify(user, user.verification_code)
if res.is_error():
self.stderr.write("Failed to verify: %s\n" % res.message)
else:
self.stderr.write("Account verified (%s)\n"
% res.status_display())
if options.get('accept'):
res = user_action.accept(user)
if res.is_error():
self.stderr.write("Failed to accept: %s\n" % res.message)
else:
self.stderr.write("Account accepted and activated\n")
if options.get('active'):
res = user_action.activate(user)
if res.is_error():
self.stderr.write("Failed to activate: %s\n" % res.message)
else:
self.stderr.write("Account %s activated\n" % user.username)
elif options.get('inactive'):
inactive_reason = options.get('inactive_reason', None)
res = user_action.deactivate(user, inactive_reason)
if res.is_error():
self.stderr.write("Failed to deactivate: %s\n" % res.message)
else:
self.stderr.write("Account %s deactivated\n" % user.username)
invitations = options.get('invitations')
if invitations is not None:
user.invitations = int(invitations)
groupname = options.get('add-group')
if groupname is not None:
try:
group = Group.objects.get(name=groupname)
user.groups.add(group)
except Group.DoesNotExist, e:
self.stderr.write(
"Group named %s does not exist\n" % groupname)
def apply_actions(self, user, options):
if options.get('admin'):
user.is_superuser = True
elif options.get('noadmin'):
user.is_superuser = False
if options.get('reject'):
reject_reason = options.get('reject_reason', None)
res = user_action.reject(user, reject_reason)
if res.is_error():
self.stderr.write("Failed to reject: %s\n" % res.message)
else:
self.stderr.write("Account rejected\n")
if options.get('verify'):
res = user_action.verify(user, user.verification_code)
if res.is_error():
self.stderr.write("Failed to verify: %s\n" % res.message)
else:
self.stderr.write("Account verified (%s)\n" %
res.status_display())
if options.get('accept'):
res = user_action.accept(user)
if res.is_error():
self.stderr.write("Failed to accept: %s\n" % res.message)
else:
self.stderr.write("Account accepted and activated\n")
if options.get('active'):
res = user_action.activate(user)
if res.is_error():
self.stderr.write("Failed to activate: %s\n" % res.message)
else:
self.stderr.write("Account %s activated\n" % user.username)
elif options.get('inactive'):
inactive_reason = options.get('inactive_reason', None)
res = user_action.deactivate(user, inactive_reason)
if res.is_error():
self.stderr.write("Failed to deactivate: %s\n" % res.message)
else:
self.stderr.write("Account %s deactivated\n" % user.username)
invitations = options.get('invitations')
if invitations is not None:
user.invitations = int(invitations)
groupname = options.get('add-group')
if groupname is not None:
try:
group = Group.objects.get(name=groupname)
user.groups.add(group)
except Group.DoesNotExist, e:
self.stderr.write("Group named %s does not exist\n" %
groupname)
def test_accept(self):
"""Test acceptance logic."""
# Verify the user first.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# Test if check function works properly for unmoderated user.
ok, _ = validate_user_action(self.user1, "ACCEPT")
self.assertTrue(ok)
# Test if accept action works properly for unmoderated user.
res = accept(self.user1)
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 1)
# Test if check function fails properly for moderated user.
ok, _ = validate_user_action(self.user1, "ACCEPT")
self.assertFalse(ok)
# Test if accept action fails properly for moderated user.
res = accept(self.user1)
self.assertTrue(res.is_error())
self.assertEqual(len(mail.outbox), 1)
# Test if the rest of the actions can apply on a moderated user.
# User cannot be rejected.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertFalse(ok)
res = reject(self.user1, 'Too late')
self.assertTrue(res.is_error())
# User cannot be reactivated.
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertFalse(ok)
res = activate(self.user1)
self.assertTrue(res.is_error())
def test_accept(self):
"""Test acceptance logic."""
# Verify the user first.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# Test if check function works properly for unmoderated user.
ok, _ = validate_user_action(self.user1, "ACCEPT")
self.assertTrue(ok)
# Test if accept action works properly for unmoderated user.
res = accept(self.user1)
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 1)
# Test if check function fails properly for moderated user.
ok, _ = validate_user_action(self.user1, "ACCEPT")
self.assertFalse(ok)
# Test if accept action fails properly for moderated user.
res = accept(self.user1)
self.assertTrue(res.is_error())
self.assertEqual(len(mail.outbox), 1)
# Test if the rest of the actions can apply on a moderated user.
# User cannot be rejected.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertFalse(ok)
res = reject(self.user1, 'Too late')
self.assertTrue(res.is_error())
# User cannot be reactivated.
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertFalse(ok)
res = activate(self.user1)
self.assertTrue(res.is_error())
def test_reactivate(self):
"""Test activate option."""
# Verify and accept the user first
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
res = accept(self.user1)
self.assertFalse(res.is_error())
# Activating the user should fail.
out, err = snf_manage(self.user1, "activate")
self.assertInLog("Failed to activate", err)
# Deactivate the user in order to reactivate him/her.
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# Activating the user should work.
out, err = snf_manage(self.user1, "activate")
self.assertInLog("Account %s activated" % self.user1.username, err)
def test_reactivate(self):
"""Test activate option."""
# Verify and accept the user first
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
res = accept(self.user1)
self.assertFalse(res.is_error())
# Activating the user should fail.
out, err = snf_manage(self.user1, "activate")
self.assertInLog("Failed to activate", err)
# Deactivate the user in order to reactivate him/her.
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# Activating the user should work.
out, err = snf_manage(self.user1, "activate")
self.assertInLog("Account %s activated" % self.user1.username, err)
def test_deactivate(self):
"""Test deactivate option."""
# Verify and accept the user first
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
res = accept(self.user1)
self.assertFalse(res.is_error())
# Deactivating the user should work.
out, err = snf_manage(self.user1, "deactivate",
inactive_reason="Because")
self.assertInLog("Account %s deactivated" % self.user1.username, err)
self.reload_user()
self.assertEqual(self.user1.deactivated_reason, "Because")
# Deactivating the user again should also work.
out, err = snf_manage(self.user1, "deactivate",
inactive_reason="Oops, I did it again")
self.assertInLog("Account %s deactivated" % self.user1.username, err)
self.reload_user()
self.assertEqual(self.user1.deactivated_reason, "Oops, I did it again")
def test_deactivate(self):
"""Test deactivate option."""
# Verify and accept the user first
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
res = accept(self.user1)
self.assertFalse(res.is_error())
# Deactivating the user should work.
out, err = snf_manage(self.user1,
"deactivate",
inactive_reason="Because")
self.assertInLog("Account %s deactivated" % self.user1.username, err)
self.reload_user()
self.assertEqual(self.user1.deactivated_reason, "Because")
# Deactivating the user again should also work.
out, err = snf_manage(self.user1,
"deactivate",
inactive_reason="Oops, I did it again")
self.assertInLog("Account %s deactivated" % self.user1.username, err)
self.reload_user()
self.assertEqual(self.user1.deactivated_reason, "Oops, I did it again")
def test_reactivation(self):
"""Test activation/deactivation logic."""
# Verify the user.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# We cannot deactivate an unmoderated user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertFalse(ok)
res = deactivate(self.user1)
self.assertTrue(res.is_error())
# Accept the user.
res = accept(self.user1)
self.assertFalse(res.is_error())
# Check if we can deactivate properly an active user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertTrue(ok)
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# This should be able to happen many times.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertTrue(ok)
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# Check if we can activate properly an inactive user
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertTrue(ok)
res = activate(self.user1)
self.assertFalse(res.is_error())
# This should be able to happen only once.
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertFalse(ok)
res = activate(self.user1)
self.assertTrue(res.is_error())
def test_rejection(self):
"""Test if rejections are handled properly."""
# Verify the user first.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# Check rejection.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertTrue(ok)
res = reject(self.user1, reason="Because")
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 0)
# Check if reason has been registered.
self.assertEqual(self.user1.rejected_reason, "Because")
# We cannot reject twice.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertFalse(ok)
res = reject(self.user1, reason="Because")
self.assertTrue(res.is_error())
self.assertEqual(len(mail.outbox), 0)
# We cannot deactivate a rejected user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertFalse(ok)
res = deactivate(self.user1)
self.assertTrue(res.is_error())
# We can, however, accept a rejected user.
ok, msg = validate_user_action(self.user1, "ACCEPT")
self.assertTrue(ok)
# Test if accept action works on rejected users.
res = accept(self.user1)
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 1)
def test_reactivation(self):
"""Test activation/deactivation logic."""
# Verify the user.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# We cannot deactivate an unmoderated user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertFalse(ok)
res = deactivate(self.user1)
self.assertTrue(res.is_error())
# Accept the user.
res = accept(self.user1)
self.assertFalse(res.is_error())
# Check if we can deactivate properly an active user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertTrue(ok)
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# This should be able to happen many times.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertTrue(ok)
res = deactivate(self.user1)
self.assertFalse(res.is_error())
# Check if we can activate properly an inactive user
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertTrue(ok)
res = activate(self.user1)
self.assertFalse(res.is_error())
# This should be able to happen only once.
ok, _ = validate_user_action(self.user1, "ACTIVATE")
self.assertFalse(ok)
res = activate(self.user1)
self.assertTrue(res.is_error())
def test_rejection(self):
"""Test if rejections are handled properly."""
# Verify the user first.
res = verify(self.user1, self.user1.verification_code)
self.assertFalse(res.is_error())
# Check rejection.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertTrue(ok)
res = reject(self.user1, reason="Because")
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 0)
# Check if reason has been registered.
self.assertEqual(self.user1.rejected_reason, "Because")
# We cannot reject twice.
ok, _ = validate_user_action(self.user1, "REJECT")
self.assertFalse(ok)
res = reject(self.user1, reason="Because")
self.assertTrue(res.is_error())
self.assertEqual(len(mail.outbox), 0)
# We cannot deactivate a rejected user.
ok, _ = validate_user_action(self.user1, "DEACTIVATE")
self.assertFalse(ok)
res = deactivate(self.user1)
self.assertTrue(res.is_error())
# We can, however, accept a rejected user.
ok, msg = validate_user_action(self.user1, "ACCEPT")
self.assertTrue(ok)
# Test if accept action works on rejected users.
res = accept(self.user1)
self.assertFalse(res.is_error())
self.assertEqual(len(mail.outbox), 1)
def users_create(request):
user_id = request.user_uniq
req = api.utils.get_json_body(request)
logger.info('users_create: %s request: %s', user_id, req)
user_data = req.get('user', {})
email = user_data.get('username', None)
first_name = user_data.get('first_name', None)
last_name = user_data.get('last_name', None)
affiliation = user_data.get('affiliation', None)
password = user_data.get('password', None)
metadata = user_data.get('metadata', {})
password_gen = AstakosUser.objects.make_random_password
if not password:
password = password_gen()
try:
validate_email(email)
except ValidationError:
raise faults.BadRequest("Invalid username (email format required)")
if AstakosUser.objects.verified_user_exists(email):
raise faults.Conflict("User '%s' already exists" % email)
if not first_name:
raise faults.BadRequest("Invalid first_name")
if not last_name:
raise faults.BadRequest("Invalid last_name")
has_signed_terms = True
try:
user = make_local_user(email,
first_name=first_name,
last_name=last_name,
password=password,
has_signed_terms=has_signed_terms)
if metadata:
# we expect a unique local auth provider for the user
provider = user.auth_providers.get()
provider.info = metadata
provider.affiliation = affiliation
provider.save()
user = AstakosUser.objects.get(pk=user.pk)
code = user.verification_code
ver_res = user_logic.verify(user, code)
if ver_res.is_error():
raise Exception(ver_res.message)
# in case of auto moderation user moderation is handled within the
# verification process, no need to reapply moderation process
if not user.moderated:
mod_res = user_logic.accept(user, accept=True, notify_user=False)
if mod_res.is_error():
raise Exception(ver_res.message)
except Exception, e:
raise faults.BadRequest(e.message)
